Limits...
A Lightweight White-Box Symmetric Encryption Algorithm against Node Capture for WSNs.

Shi Y, Wei W, He Z - Sensors (Basel) (2015)

Bottom Line: Therefore, the size of the implementations are significantly reduced while keeping the same security efficiency.The security and efficiency of the proposed solutions are theoretically analyzed.Evaluation shows our solutions satisfy the requirement of sensor nodes in terms of limited memory size and low computational costs.

View Article: PubMed Central - PubMed

Affiliation: School of Software Engineering, Tongji University, No.4800 Cao'An Highway, Shanghai 201804, China. shiyang@tongji.edu.cn.

ABSTRACT
Wireless Sensor Networks (WSNs) are often deployed in hostile environments and, thus, nodes can be potentially captured by an adversary. This is a typical white-box attack context, i.e., the adversary may have total visibility of the implementation of the build-in cryptosystem and full control over its execution platform. Handling white-box attacks in a WSN scenario is a challenging task. Existing encryption algorithms for white-box attack contexts require large memory footprint and, hence, are not applicable for wireless sensor networks scenarios. As a countermeasure against the threat in this context, in this paper, we propose a class of lightweight secure implementations of the symmetric encryption algorithm SMS4. The basic idea of our approach is to merge several steps of the round function of SMS4 into table lookups, blended by randomly generated mixing bijections. Therefore, the size of the implementations are significantly reduced while keeping the same security efficiency. The security and efficiency of the proposed solutions are theoretically analyzed. Evaluation shows our solutions satisfy the requirement of sensor nodes in terms of limited memory size and low computational costs.

No MeSH data available.


Attack models.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC4482007&req=5

sensors-15-11928-f009: Attack models.

Mentions: Before the discussion on security of the proposed white-box encryption algorithms, we briefly review three main attack/threat models capturing the capabilities of an adversary to attack cryptosystems [37]. The first one is the black-box model. It is a traditional attack model in which an adversary has only access to the functionality of a crypto system. The second one is the grey-box model, which refers to a model in which a leakage function is present. In such an attack context, the adversary can deploy side-channel cryptanalysis techniques. Due to the large variety of leakage functions, several grey-box models can be defined. The third one is the white-box model in which the adversary has total visibility of the software implementation of the cryptosystem and has full control over its execution platform. One could refer to the white-box model as the worst-case model. In contrast to grey-box models, it is impossible for an adversary not to comply with the model. The white-box model is used to analyze algorithms that are running in a non-trustable environment, in which applications are subject to attacks from the execution platform. Threats and cryptanalysis techniques in the three models are illustrated in Figure 9.


A Lightweight White-Box Symmetric Encryption Algorithm against Node Capture for WSNs.

Shi Y, Wei W, He Z - Sensors (Basel) (2015)

Attack models.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC4482007&req=5

sensors-15-11928-f009: Attack models.
Mentions: Before the discussion on security of the proposed white-box encryption algorithms, we briefly review three main attack/threat models capturing the capabilities of an adversary to attack cryptosystems [37]. The first one is the black-box model. It is a traditional attack model in which an adversary has only access to the functionality of a crypto system. The second one is the grey-box model, which refers to a model in which a leakage function is present. In such an attack context, the adversary can deploy side-channel cryptanalysis techniques. Due to the large variety of leakage functions, several grey-box models can be defined. The third one is the white-box model in which the adversary has total visibility of the software implementation of the cryptosystem and has full control over its execution platform. One could refer to the white-box model as the worst-case model. In contrast to grey-box models, it is impossible for an adversary not to comply with the model. The white-box model is used to analyze algorithms that are running in a non-trustable environment, in which applications are subject to attacks from the execution platform. Threats and cryptanalysis techniques in the three models are illustrated in Figure 9.

Bottom Line: Therefore, the size of the implementations are significantly reduced while keeping the same security efficiency.The security and efficiency of the proposed solutions are theoretically analyzed.Evaluation shows our solutions satisfy the requirement of sensor nodes in terms of limited memory size and low computational costs.

View Article: PubMed Central - PubMed

Affiliation: School of Software Engineering, Tongji University, No.4800 Cao'An Highway, Shanghai 201804, China. shiyang@tongji.edu.cn.

ABSTRACT
Wireless Sensor Networks (WSNs) are often deployed in hostile environments and, thus, nodes can be potentially captured by an adversary. This is a typical white-box attack context, i.e., the adversary may have total visibility of the implementation of the build-in cryptosystem and full control over its execution platform. Handling white-box attacks in a WSN scenario is a challenging task. Existing encryption algorithms for white-box attack contexts require large memory footprint and, hence, are not applicable for wireless sensor networks scenarios. As a countermeasure against the threat in this context, in this paper, we propose a class of lightweight secure implementations of the symmetric encryption algorithm SMS4. The basic idea of our approach is to merge several steps of the round function of SMS4 into table lookups, blended by randomly generated mixing bijections. Therefore, the size of the implementations are significantly reduced while keeping the same security efficiency. The security and efficiency of the proposed solutions are theoretically analyzed. Evaluation shows our solutions satisfy the requirement of sensor nodes in terms of limited memory size and low computational costs.

No MeSH data available.